CN113448886A - Memory mapping protection mechanism - Google Patents


Info

Publication number
CN113448886A
Authority
CN
China
Prior art keywords
microcontroller
memory
access
integrity
firmware
Prior art date
Legal status
Pending
Application number
CN202011498360.0A
Other languages
Chinese (zh)
Inventor
K·科塔瑞
P·拉贾戈帕
S·杜雷加
M·哈尼法
P·德万
Current Assignee
Intel Corp
Original Assignee
Intel Corp

Classifications

    • G PHYSICS; G06 COMPUTING, CALCULATING OR COUNTING; G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 3/0622 Securing storage systems in relation to access (under G06F 3/00 input/output arrangements; 3/06 digital input from, or output to, record carriers; 3/0601 interfaces specially adapted for storage systems; 3/0602 adapted to achieve a particular effect; 3/062 securing storage systems)
    • G06F 3/0659 Command handling arrangements, e.g. command buffers, queues, command scheduling (under 3/0628 interfaces making use of a particular technique; 3/0655 vertical data movement between one or more hosts and one or more storage devices)
    • G06F 3/0679 Non-volatile semiconductor memory device, e.g. flash memory, one time programmable memory [OTP] (under 3/0668 interfaces adopting a particular infrastructure; 3/0671 in-line storage system; 3/0673 single storage device)
    • G06F 12/1416 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights (under 12/00 accessing, addressing or allocating within memory systems or architectures; 12/14 protection against unauthorised use of memory or access to memory)
    • G06F 13/1668 Details of memory controller (under 13/00 interconnection of, or transfer of information between, memories, input/output devices or central processing units; 13/14 handling requests for interconnection or transfer; 13/16 handling requests for access to memory bus)
    • G06F 21/79 Protecting specific internal or peripheral components to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories (under 21/00 security arrangements for protecting computers, components thereof, programs or data against unauthorised activity; 21/70 protecting specific internal or peripheral components; 21/78 to assure secure storage of data)
    • G06F 9/4403 Bootstrapping: processor initialisation (under 9/00 arrangements for program control; 9/06 using stored programs; 9/44 arrangements for executing specific programs; 9/4401 bootstrapping)
    • G06F 9/4406 Bootstrapping: loading of operating system

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Human Computer Interaction (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)

Abstract

The present application relates to memory map protection mechanisms. An apparatus to facilitate memory mapping security in a system on a chip (SOC) is disclosed. The apparatus includes a microcontroller that receives a request to authorize a host device to access a memory device and performs an alias checking process to verify an accuracy of a memory map of the memory device.

Description

Memory mapping protection mechanism
Technical Field
The application relates to an on-chip secure microcontroller.
Background
A system on a chip (SOC) is an integrated circuit that integrates all of the components of a computer or other electronic system together. These components include a central processing unit (CPU), memory, input/output (IO) ports, and secondary storage, all on a single substrate or microchip. Furthermore, SOCs enable the integration of third-party components via standardized on-chip interconnect protocols. However, adding such components can introduce security weaknesses.
Disclosure of Invention
In view of the foregoing, the present application provides a memory map protection mechanism.
A first aspect of the present application provides an apparatus that facilitates memory mapping security in a SOC, comprising: a microcontroller that receives a request to authorize a host device to access a memory device and performs an alias checking process to verify the accuracy of a memory map of the memory device.
A second aspect of the present application provides a method of facilitating memory mapping security in a SOC, comprising: receiving, at a microcontroller, a request from basic input/output system (BIOS) boot firmware to authorize a host device to access a memory device; performing, by the microcontroller, an alias checking process to verify the accuracy of the memory map of the memory device; and performing, by the microcontroller, an authentication process to verify the integrity of the memory map.
A third aspect of the present application provides a computing device comprising: a processor; a memory device having a memory map; BIOS firmware that programs the memory map for a plurality of agents; a fabric interface coupled between the processor, the memory device, and the BIOS firmware; and a microcontroller coupled to the fabric interface, the microcontroller receiving from the BIOS firmware a request to authorize access of the processor to the memory device and performing an alias checking process to verify the accuracy of the memory map of the memory device.
Drawings
So that the manner in which the above recited features can be understood in detail, a more particular description, briefly summarized above, may be had by reference to embodiments, some of which are illustrated in the appended drawings. It is to be noted, however, that the appended drawings illustrate only typical embodiments and are therefore not to be considered limiting of its scope, for the invention may admit to other equally effective embodiments.
FIG. 1 illustrates one embodiment of a computing device.
FIG. 2 illustrates one embodiment of a platform.
FIG. 3 illustrates one embodiment of a microcontroller.
FIG. 4A is a flow diagram illustrating one embodiment of a boot process.
FIG. 4B is a sequence diagram illustrating another embodiment of a boot process.
FIG. 5 is a flow chart illustrating one embodiment of a process performed by a microcontroller.
FIG. 6A illustrates the responsiveness impact associated with a conventional platform model.
FIG. 6B illustrates one embodiment of responsiveness impacts associated with the disclosed platform model.
FIG. 7 is a schematic diagram illustrating one embodiment of an electronic computing device.
Detailed Description
In the following description, numerous specific details are set forth to provide a more thorough understanding of various embodiments. It will be apparent, however, to one skilled in the art, that the present embodiments may be practiced without one or more of these specific details. In other instances, well-known features have not been described in order to avoid obscuring any of the techniques.
In an embodiment, an on-chip secure microcontroller is provided to intercept memory access authorization requests initiated by boot firmware and perform memory-map alias checking. In further embodiments, the microcontroller authenticates the memory map and reports the authenticated result to one or more hosts or other system components.
References to "one embodiment," "an embodiment," "example embodiment," "various embodiments," etc., indicate that the embodiment so described may include a particular feature, structure, or characteristic, but every embodiment may not necessarily include the particular feature, structure, or characteristic. In addition, some embodiments may have some, all, or none of the features described for other embodiments.
In the following description and claims, the term "coupled" and its derivatives may be used. "coupled" is used to indicate that two or more elements co-operate or interact with each other, but may or may not have intervening physical or electrical components.
As used in the claims, unless otherwise specified the use of the ordinal adjectives "first", "second", "third", etc., to describe a common element, merely indicate that different instances of like elements are being referred to, and are not intended to imply that the elements so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.
FIG. 1 illustrates one embodiment of a computing device 100. According to one embodiment, computing device 100 includes a computer platform that hosts an integrated circuit ("IC"), such as a system on a chip ("SOC" or "SoC"), integrating various hardware and/or software components of computing device 100 on a single chip. As shown, in one embodiment, computing device 100 may include any number and type of hardware and/or software components, such as, but not limited to, a graphics processing unit 114 ("GPU" or simply "graphics processor"), a graphics driver 116 (also referred to as a "GPU driver," "graphics driver logic," "driver logic," user mode driver (UMD), user mode driver framework (UMDF), or simply "driver"), a central processing unit 112 ("CPU" or simply "application processor"), a memory 108, network devices, drivers, and the like, and input/output (I/O) sources 104, such as a touchscreen, touch panel, touchpad, virtual or conventional keyboard, virtual or conventional mouse, port, connector, and the like. Computing device 100 may include an operating system (OS) 106 that serves as an interface between the hardware and/or physical resources of computing device 100 and a user.
It should be appreciated that for some embodiments, systems with fewer or more equipment than the examples described above may be preferred. Thus, the configuration of computing device 100 may vary depending on implementation, depending on a number of factors, such as price constraints, performance requirements, technological improvements, or other circumstances.
Embodiments may be implemented as any one or combination of the following: one or more microchips or integrated circuits interconnected using a motherboard, hardwired logic, software stored by a memory device and executed by a microprocessor, firmware, an Application Specific Integrated Circuit (ASIC), and/or a Field Programmable Gate Array (FPGA). The terms "logic," "module," "component," "engine," and "mechanism" may include, for example, software or hardware and/or combinations thereof, such as firmware.
Embodiments may be implemented using one or more memory chips, controllers, CPUs (central processing units), microchips or integrated circuits interconnected using a motherboard, Application Specific Integrated Circuits (ASICs), and/or Field Programmable Gate Arrays (FPGAs). The term "logic" may include, by way of example, software or hardware and/or combinations of software and hardware.
FIG. 2 illustrates one embodiment of a platform 200 including an SOC 210 similar to computing device 100 discussed above. As shown in FIG. 2, platform 200 includes SOC 210 communicatively coupled to one or more software components 280 via CPU 112. In addition, SOC 210 includes other computing device components (e.g., memory 108) coupled via a system fabric 205. In one embodiment, system fabric 205 implements an integrated on-chip system fabric (IOSF) that provides a standardized on-chip interconnect protocol to couple intellectual property (IP) agents 230 (e.g., IP blocks 230A and 230B) within SOC 210. In such embodiments, the interconnect protocol provides a standardized interface that enables third parties to design logic (such as IP agents 230) for incorporation into SOC 210.
According to an embodiment, an IP agent 230 may be a general purpose processor (e.g., an in-order or out-of-order core), a fixed function unit, a graphics processor, an I/O controller, a display controller, and so forth. In such embodiments, each IP agent 230 includes a hardware interface 235 that provides a standardized way for the IP agent 230 to communicate with other SOC 210 components. For example, in embodiments where an IP agent 230 is a third-party visual processing unit (VPU), interface 235 provides the standardization that enables the VPU to access memory 108 via fabric 205.
SOC 210 also includes a security controller 240, which functions as a security engine to perform various security operations (e.g., security processes, cryptographic functions, etc.) on SOC 210. In one embodiment, security controller 240 is itself an IP agent 230 implemented to perform security operations. SOC 210 further includes a non-volatile memory 250. Non-volatile memory 250 may be implemented as a peripheral component interconnect express (PCIe) storage drive, such as a solid state drive (SSD) or a non-volatile memory express (NVMe) drive. In one embodiment, basic input/output system (BIOS) firmware 255 stored in non-volatile memory 250 operates as boot firmware that performs hardware initialization during the power-up boot process.
Typically, the boot firmware constructs a system memory map for one or more SOC 210 memory devices (e.g., memory 108). A memory map is a data structure (typically held in memory-mapped registers) that indicates how the memory is partitioned among the components that use it. Currently, the memory map produced by the BIOS is programmed into registers at each IP agent, and nothing verifies that map before host CPU access to memory is enabled. Each security-centric IP agent (e.g., security controller 240) is therefore left to check for aliases on its own, where an alias is a region that two agents' programmed ranges claim at once, or a range that one agent sees differently from the others. There is no centralized mechanism to perform the alias check and communicate the authenticated result to the host and the other security elements; this is a significant security gap, and it forces every security-centric IP to carry its own alias checking code inside the SOC. The current in-SOC alias checking process is thus prone to security holes and increases boot response time.
According to one embodiment, SOC 210 includes a microcontroller 260 that receives the memory access authorization request initiated by BIOS 255 and performs memory map checks and alias checks. In such embodiments, the BIOS boot firmware programs the memory map for all IP agents 230 before host (e.g., CPU 112) access to memory 108 is enabled. In further embodiments, microcontroller 260 authenticates the verified memory map result for each platform IP agent 230. In further embodiments, a security-centric IP agent (e.g., security controller 240) accepts and relies on the memory map authenticated by microcontroller 260, thereby avoiding duplicated alias checking.
FIG. 3 illustrates one embodiment of microcontroller 260. As shown in FIG. 3, microcontroller 260 includes security mapping logic 310 and an issuer 320. According to one embodiment, security mapping logic 310 performs the memory alias check to verify that the memory map generated by the boot firmware is correct and consistent. In such embodiments, security mapping logic 310 performs the alias check upon receiving a request from the boot firmware to enable host memory access.
FIG. 4A is a flow diagram illustrating one embodiment of a boot process performed by boot firmware. At processing block 410, platform 200 is powered up. At processing block 420, the boot firmware initializes SOC 210 (e.g., CPU) registers and brings the IP agents 230 out of reset. At processing block 430, memory 108 is initialized. In one embodiment, memory 108 is initialized by memory reference code (MRC) logic (not shown) included in BIOS 255; the MRC logic determines how memory 108 is read and written and tunes the memory timings. At processing block 440, the boot firmware determines the memory requirements of each IP agent. At processing block 450, the boot firmware programs the memory map at each IP agent 230. At processing block 460, the boot firmware requests host access to memory. FIG. 4B is a sequence diagram illustrating another embodiment of the boot process.
Upon receiving the request, security mapping logic 310 performs the memory alias check by comparing the memory ranges programmed at all IP agents 230 and verifying that they comply with one or more cross-agent rules (e.g., no range overlap, consistent ranges across all IPs, alignment rules, etc.). Once the alias check has passed, security mapping logic 310 locks the registers associated with the memory map. In one embodiment, security mapping logic 310 locks the registers against further updates either by directly setting the IP agent 230 lock bits, or by requesting that each IP agent 230 lock its own registers and send an acknowledgement to security mapping logic 310 once locked. In further embodiments, the lock bits follow a write-once register model, so that once set they cannot be cleared by software. In other embodiments, a secure access policy may instead be implemented that denies the host CPU access to those registers.
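The rules above, applied in C as an added example (this is not code from the patent, which describes the check only in prose): three constructed IP agents each hold a top-of-memory value and private carve-out ranges; the check requires a consistent top of memory, aligned and in-bounds ranges, and no overlap between any two carve-outs, and then sets write-once lock bits. The agent names, the register layout, the 8 GiB device size, the 1 MiB granule and the sample ranges are all assumptions.

```c
/* Added example, not the patent's code: a model of the alias check secure
 * mapping logic 310 runs over the memory-map registers boot firmware programmed
 * at each IP agent. Layout, granule, device size and sample map are assumed. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_RANGES 2
#define DEV_SIZE   0x200000000ull  /* 8 GiB memory device (assumption) */
#define GRANULE    0x100000ull     /* 1 MiB programming granule (assumption) */

enum alias_result {
    ALIAS_OK = 0,
    ALIAS_OUT_OF_BOUNDS,  /* top of memory or a range exceeds the device */
    ALIAS_INCONSISTENT,   /* agents disagree on top of memory */
    ALIAS_MISALIGNED,     /* base or size is not a multiple of GRANULE */
    ALIAS_OVERLAP         /* two carve-outs alias the same physical memory */
};

struct mem_range { uint64_t base, size; };   /* size == 0 marks an unused entry */

struct ip_agent {
    const char *name;
    uint64_t top_of_memory;               /* must match across all agents */
    struct mem_range ranges[MAX_RANGES];  /* this agent's private carve-outs */
    bool locked;                          /* write-once lock bit */
};

static bool aligned(uint64_t v) { return (v & (GRANULE - 1)) == 0; }

static bool overlaps(const struct mem_range *a, const struct mem_range *b)
{
    return a->base < b->base + b->size && b->base < a->base + a->size;
}

/* Cross-agent rules: consistent top of memory, aligned and in-bounds ranges,
 * no overlap between any two carve-outs. *offender names the failing agent. */
enum alias_result alias_check(const struct ip_agent *ag, size_t n, const char **offender)
{
    for (size_t i = 0; i < n; i++) {
        *offender = ag[i].name;
        if (ag[i].top_of_memory > DEV_SIZE || !aligned(ag[i].top_of_memory))
            return ALIAS_OUT_OF_BOUNDS;
        if (ag[i].top_of_memory != ag[0].top_of_memory)
            return ALIAS_INCONSISTENT;
        for (int r = 0; r < MAX_RANGES; r++) {
            const struct mem_range *m = &ag[i].ranges[r];
            if (m->size == 0) continue;
            if (!aligned(m->base) || !aligned(m->size)) return ALIAS_MISALIGNED;
            /* overflow-safe form of base + size <= top_of_memory */
            if (m->base > ag[i].top_of_memory || m->size > ag[i].top_of_memory - m->base)
                return ALIAS_OUT_OF_BOUNDS;
        }
    }
    for (size_t i = 0; i < n; i++)            /* pairwise overlap across agents */
        for (int r = 0; r < MAX_RANGES; r++) {
            const struct mem_range *m = &ag[i].ranges[r];
            if (m->size == 0) continue;
            for (size_t j = i; j < n; j++)
                for (int s = (j == i) ? r + 1 : 0; s < MAX_RANGES; s++) {
                    const struct mem_range *o = &ag[j].ranges[s];
                    if (o->size && overlaps(m, o)) { *offender = ag[j].name; return ALIAS_OVERLAP; }
                }
        }
    *offender = NULL;
    return ALIAS_OK;
}

/* Register write as the IP agent sees it: dropped once the lock bit is set. */
bool memmap_write(struct ip_agent *a, int idx, uint64_t base, uint64_t size)
{
    if (a->locked || idx < 0 || idx >= MAX_RANGES) return false;
    a->ranges[idx].base = base;
    a->ranges[idx].size = size;
    return true;
}

void lock_memory_map(struct ip_agent *ag, size_t n)
{
    for (size_t i = 0; i < n; i++) ag[i].locked = true;  /* write-once: never cleared */
}

/* Constructed sample: CPU with an 8 MiB TSEG, GPU with 128 MiB stolen memory,
 * security controller with a 16 MiB reserved region. With tamper set the GPU
 * range grows to 144 MiB and runs into the security controller's region. */
void build_sample_map(struct ip_agent ag[3], bool tamper)
{
    static const char *names[3] = { "cpu", "gpu", "sec_ctrl" };
    memset(ag, 0, 3 * sizeof *ag);
    for (int i = 0; i < 3; i++) { ag[i].name = names[i]; ag[i].top_of_memory = DEV_SIZE; }
    memmap_write(&ag[0], 0, 0x7F000000ull, 0x800000ull);
    memmap_write(&ag[1], 0, 0x70000000ull, tamper ? 0x9000000ull : 0x8000000ull);
    memmap_write(&ag[2], 0, 0x78000000ull, 0x1000000ull);
}

int main(void)
{
    struct ip_agent ag[3];
    const char *who;
    for (int tamper = 0; tamper < 2; tamper++) {
        build_sample_map(ag, tamper);
        enum alias_result r = alias_check(ag, 3, &who);
        printf("map %d: result %d%s%s\n", tamper, r, who ? " at " : "", who ? who : "");
        if (r == ALIAS_OK) lock_memory_map(ag, 3);
    }
    return 0;
}
```

The tampered map is the case the centralized check exists to catch: one agent's range silently grown into the security controller's reserved region, which a check running inside that agent alone cannot see because it only knows its own registers. After lock_memory_map, memmap_write returns false and the registers keep the values that were checked.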
Security mapping logic 310 also performs a memory authentication process to verify the integrity of the memory map generated by the boot firmware. In one embodiment, security mapping logic 310 performs the authentication by storing integrity data and the alias check results in an architecturally defined status register. According to one embodiment, security mapping logic 310 allows the host to access memory once it determines that authentication has passed (e.g., integrity has been verified).
In further embodiments, security mapping logic 310 prevents access to memory when it determines that authentication has failed (e.g., integrity has not been verified). In such embodiments, security mapping logic 310 prevents access to memory via a hardware locking mechanism: it communicates with the memory controller at an IP agent 230, which sets an architectural register to grant or block access to memory.
Microcontroller 260 also includes an issuer 320 that publishes the authentication results to BIOS 255. In one embodiment, the results are published through an architecturally defined mechanism (such as a model-specific register). The BIOS then polls that defined interface and takes the action dictated by the policy settings of platform 200 (e.g., success: regular boot path; failure: forced halt or recovery path).
FIG. 5 is a flow chart illustrating one embodiment of a process performed by microcontroller 260. At processing block 510, a host memory access request (e.g., from boot firmware) is received. At processing block 520, the memory alias check is performed. At processing block 530, the registers associated with the memory map are locked. At processing block 540, the authenticated memory map is reported. At decision block 550, a determination is made whether the authentication of the IP agents has passed. If it has passed, memory access is enabled at processing block 560; otherwise, memory access is locked at processing block 570. At processing block 580, the authenticated memory map result is reported to the boot firmware. In one embodiment, the platform 200 user may also be alerted when the authentication of an IP agent fails.
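The authentication, status-register and BIOS-policy steps of FIG. 5 (blocks 540 through 580) together with the BIOS polling described above, modelled in C as an added example that is not the patent's code. It takes the alias-check outcome as an input flag and recomputes integrity over the locked register image; the status-register bit layout, the FNV-1a digest standing in for the design's integrity data, the constructed register image and the policy names are assumptions.

```c
/* Added example, not the patent's code: the authentication, status-register
 * and BIOS-policy steps that follow the alias check. Bit layout, digest,
 * register image and policy names are assumptions for illustration. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Architecturally defined status register written by microcontroller 260 and
 * polled by the BIOS (bit assignments assumed). */
#define ST_DONE           (1u << 0)  /* report is complete; BIOS polls this */
#define ST_ALIAS_PASS     (1u << 1)
#define ST_INTEGRITY_PASS (1u << 2)
#define ST_HOST_ACCESS    (1u << 3)  /* memory controller gate opened for host */

struct map_status { uint32_t flags; uint64_t digest; };

enum boot_path   { BOOT_REGULAR, BOOT_FORCED_HALT, BOOT_RECOVERY };
enum fail_policy { POLICY_HALT, POLICY_RECOVERY };

/* FNV-1a over the memory-map register image; a stand-in for whatever
 * integrity data the design keeps alongside the alias-check result. */
uint64_t map_digest(const uint64_t *regs, size_t n)
{
    uint64_t h = 0xcbf29ce484222325ull;
    for (size_t i = 0; i < n; i++)
        for (int b = 0; b < 8; b++) {
            h ^= (regs[i] >> (8 * b)) & 0xff;
            h *= 0x100000001b3ull;
        }
    return h;
}

/* Microcontroller side (blocks 540-570): recompute integrity over the image
 * read back through the fabric, combine with the alias result, and open the
 * host gate only when both checks passed. */
struct map_status authenticate_map(const uint64_t *regs, size_t n,
                                   uint64_t reference, bool alias_ok)
{
    struct map_status st = { ST_DONE, map_digest(regs, n) };
    if (alias_ok)               st.flags |= ST_ALIAS_PASS;
    if (st.digest == reference) st.flags |= ST_INTEGRITY_PASS;
    if ((st.flags & (ST_ALIAS_PASS | ST_INTEGRITY_PASS)) ==
        (ST_ALIAS_PASS | ST_INTEGRITY_PASS))
        st.flags |= ST_HOST_ACCESS;
    return st;
}

/* BIOS side (block 580): read the published status and choose the boot path
 * from platform policy. A report that never completed is treated as failure. */
enum boot_path bios_boot_decision(const struct map_status *st, enum fail_policy policy)
{
    if (!(st->flags & ST_DONE)) return BOOT_FORCED_HALT;       /* fail closed */
    if (st->flags & ST_HOST_ACCESS) return BOOT_REGULAR;
    return policy == POLICY_RECOVERY ? BOOT_RECOVERY : BOOT_FORCED_HALT;
}

/* Constructed register image: top of memory, then base/limit pairs for a GPU
 * carve-out and the security controller's reserved region. */
#define NREGS 5
static const uint64_t locked_image[NREGS] = {
    0x200000000ull,                 /* top of memory, 8 GiB */
    0x70000000ull, 0x78000000ull,   /* GPU stolen memory */
    0x78000000ull, 0x79000000ull    /* security controller reserved region */
};

/* Scenario: the reference digest is taken at lock time; the image read back
 * later either matches or has one register changed, as if the lock had been
 * bypassed after the alias check already passed. */
enum boot_path run_scenario(bool tampered, enum fail_policy policy)
{
    uint64_t reference = map_digest(locked_image, NREGS);
    uint64_t readback[NREGS];
    for (int i = 0; i < NREGS; i++) readback[i] = locked_image[i];
    if (tampered) readback[2] = 0x79000000ull;   /* GPU limit grown into sec region */
    struct map_status st = authenticate_map(readback, NREGS, reference, true);
    return bios_boot_decision(&st, policy);
}

int main(void)
{
    printf("clean: %d  tampered/halt: %d  tampered/recovery: %d\n",
           run_scenario(false, POLICY_HALT),
           run_scenario(true, POLICY_HALT),
           run_scenario(true, POLICY_RECOVERY));
    return 0;
}
```

Host access is opened only when both bits are set, which is the "only upon determining that authentication and alias checking have passed" behaviour; a status register that never reports completion is treated as a failure, so the BIOS fails closed instead of assuming success.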
The above-described mechanisms provide a one-stop authentication and alias checking solution in the SOC platform that allows host memory access only upon determining that authentication and alias checking have passed. Thus, security threats to the SOC platform are mitigated. FIG. 6A illustrates the responsiveness impacts associated with a traditional platform model, while FIG. 6B illustrates one embodiment of the responsiveness impacts associated with a disclosed platform model.
FIG. 7 is a schematic diagram of an illustrative electronic computing device implementing enhanced protection against attacks in accordance with some embodiments. In some embodiments, computing device 600 includes one or more processors 610, which include one or more processor cores 618 and a TEE 664 that includes a machine learning enclave (MLSE) 680. In some embodiments, computing device 600 includes a hardware accelerator 668 that includes a cryptographic engine 682 and a machine learning model 684. In some embodiments, as provided in FIGS. 1-6, the computing device provides enhanced protection against ML attacks.
Computing device 600 may additionally include one or more of the following: a cache 662, a graphics processing unit (GPU) 612 (which may be a hardware accelerator in some embodiments), a wireless input/output (I/O) interface 620, a wired I/O interface 630, memory circuitry 640, power management circuitry 650, a non-transitory storage device 660, and a network interface 670 for connecting to a network 672. The following discussion provides a brief overview of the components that form the illustrative computing device 600. Non-limiting examples of computing device 600 include a desktop computing device, a blade server device, a workstation, or a similar device or system.
In an embodiment, processor core 618 is capable of executing a set of machine-readable instructions 614, reading data and/or a set of instructions 614 from one or more storage devices 660, and writing data to one or more storage devices 660. One skilled in the relevant art will appreciate that the illustrated embodiments, as well as other embodiments, may be practiced with other processor-based device configurations, including portable electronic or handheld electronic devices such as smart phones, portable computers, wearable computers, consumer electronics, personal computers ("PCs"), network PCs, minicomputers, server blades, mainframe computers, and the like.
Processor core 618 may include any number of hardwired or configurable circuits, some or all of which may include a programmable and/or configurable combination of electronic components, semiconductor devices, and/or logic elements, partially or wholly disposed in a PC, server, or other computing system capable of executing processor-readable instructions.
Computing device 600 includes a bus or similar communication link 616, which bus or similar communication link 616 communicatively couples and facilitates the exchange of information and/or data between various system components including a processor core 618, a cache 662, a graphics processor circuit 612, one or more wireless I/O interfaces 620, one or more wired I/O interfaces 630, one or more storage devices 660, and/or one or more network interfaces 670. Computing device 600 may be referred to herein in the singular, but this is not intended to limit embodiments to a single computing device 600, as in some embodiments there may be more than one computing device 600 incorporating, including, or containing any number of communicatively coupled, collocated, or remotely networked circuits or devices.
Processor core 618 may include any number, type, or combination of currently available or future developed devices capable of executing a set of machine-readable instructions.
Processor core 618 may include (or be coupled to), but is not limited to, any currently or later developed single- or multi-core processor or microprocessor, such as: one or more systems on a chip (SOC); a central processing unit (CPU); a digital signal processor (DSP); a graphics processing unit (GPU); application specific integrated circuits (ASICs), programmable logic units, field programmable gate arrays (FPGAs), and the like. Unless otherwise noted, the structure and operation of the various blocks shown in FIG. 7 are of conventional design. Accordingly, as will be appreciated by those skilled in the relevant art, such blocks need not be described in further detail herein. The bus 616 that interconnects at least some of the components of computing device 600 may utilize any currently available or future developed serial or parallel bus architecture.
System memory 640 may include read only memory ("ROM") 642 and random access memory ("RAM") 646. A portion of ROM 642 may be used to store or otherwise retain a basic input/output system ("BIOS") 644. BIOS 644 provides basic functionality to computing device 600, for example, by causing processor core 618 to load and/or execute one or more sets of machine-readable instructions 614. In an embodiment, at least some of the one or more sets of machine-readable instructions 614 cause at least a portion of processor core 618 to provide, create, produce, transform, and/or operate as a special-purpose or particular machine, such as a word processor, digital image capture machine, media player, gaming system, communication device, smart phone, or the like.
Computing device 600 may include at least one wireless input/output (I/O) interface 620. The at least one wireless I/O interface 620 may be communicatively coupled to one or more physical output devices 622 (haptic devices, video displays, audio output devices, hardcopy output devices, etc.). The at least one wireless I/O interface 620 may be communicatively coupled to one or more physical input devices 624 (pointing device, touch screen, keyboard, haptic device, etc.). The at least one wireless I/O interface 620 may include any currently available or future developed wireless I/O interface. Example wireless I/O interfaces include, but are not limited to: Bluetooth, near field communication (NFC), etc.
Computing device 600 may include one or more wired input/output (I/O) interfaces 630. The at least one wired I/O interface 630 may be communicatively coupled to one or more physical output devices 622 (haptic devices, video displays, audio output devices, hardcopy output devices, etc.). The at least one wired I/O interface 630 may be communicatively coupled to one or more physical input devices 624 (pointing device, touch screen, keyboard, haptic device, etc.). The wired I/O interface 630 may include any currently available or future developed I/O interface. Example wired I/O interfaces include, but are not limited to: universal Serial Bus (USB), IEEE 1394 ("FireWire"), etc.
Computing device 600 may include one or more communicatively coupled non-transitory data storage devices 660. Data storage 660 may include one or more hard disk drives (HDDs) and/or one or more solid-state storage devices (SSDs). The one or more data storage devices 660 may include any currently or later-developed storage components, network storage devices, and/or systems. Non-limiting examples of such data storage devices 660 include any currently or later-developed non-transitory storage components or devices, such as one or more magnetic storage devices, one or more optical storage devices, one or more resistive storage devices, one or more molecular storage devices, one or more quantum storage devices, or various combinations thereof. In some implementations, the one or more data storage devices 660 can include one or more removable storage devices, such as one or more flash drives, flash memory storage units, or similar components or devices capable of being communicatively coupled to and decoupled from computing device 600.
The one or more data storage devices 660 may include an interface or controller (not shown) that communicatively couples the respective storage device or system to bus 616. The one or more data storage devices 660 may store, maintain, or otherwise contain sets of machine-readable instructions, data structures, program modules, data stores, databases, logic structures, and/or other data useful to processor core 618 and/or graphics processor circuit 612, and/or one or more applications executing on or by processor core 618 and/or graphics processor circuit 612. In some cases, one or more data storage devices 660 may be communicatively coupled to processor core 618 via bus 616 or via: one or more wired communication interfaces 630 (e.g., universal serial bus or USB); one or more wireless communication interfaces 620 (e.g., Bluetooth, near field communication or NFC); and/or one or more network interfaces 670 (IEEE 802.3 or Ethernet, IEEE 802.11 or Wi-Fi, etc.).
Processor-readable instruction set 614 and other programs, applications, logic sets, and/or modules may be stored in whole or in part in system memory 640. Such a set of instructions 614 may be transmitted in whole or in part from one or more data storage devices 660. During execution by processor core 618 and/or graphics processor circuit 612, instruction set 614 may be loaded, stored, or otherwise retained, in whole or in part, in system memory 640.
Computing device 600 may include power management circuitry 650 to control one or more operational aspects of energy storage device 652. In an embodiment, energy storage device 652 may include one or more primary (i.e., non-rechargeable) or secondary (i.e., rechargeable) batteries or similar energy storage devices. In an embodiment, energy storage device 652 may include one or more supercapacitors or ultracapacitors. In embodiments, the power management circuitry 650 may alter, regulate, or control the flow of energy from the external power source 654 to the energy storage device 652 and/or to the computing device 600. The power source 654 may include, but is not limited to, a solar energy system, a commercial power grid, a portable generator, an external energy storage device, or any combination thereof.
For convenience, processor core 618, graphics processor circuit 612, wireless I/O interface 620, wired I/O interface 630, storage 660, and network interface 670 are shown communicatively coupled to each other via bus 616, providing connectivity between the aforementioned components. In alternative embodiments, the above-described components may be communicatively coupled differently than as shown in FIG. 7. For example, one or more of the above-described components may be directly coupled to the other components or may be coupled to each other via one or more intermediate components (not shown). In another example, one or more of the above components may be integrated into processor core 618 and/or graphics processor circuit 612. In some embodiments, all or a portion of bus 616 may be omitted, and the components may be directly coupled to one another using a suitable wired or wireless connection.
For example, embodiments may be provided as a computer program product that may include one or more machine-readable media having stored thereon machine-executable instructions that, when executed by one or more machines such as a computer, network of computers, or other electronic devices, may result in the one or more machines performing operations in accordance with embodiments described herein. The machine-readable medium may include, but is not limited to, floppy diskettes, optical disks, CD-ROMs (compact disc-read only memories), and magneto-optical disks, ROMs, RAMs, EPROMs (erasable programmable read only memories), EEPROMs (electrically erasable programmable read only memories), magnetic or optical cards, flash memory, or other type of media/machine-readable medium suitable for storing machine-executable instructions.
Moreover, embodiments may be downloaded as a computer program product, wherein the program may be transferred from a remote computer (e.g., a server) to a requesting computer (e.g., a client) by way of one or more data signals embodied in and/or modulated by a carrier wave or other propagation medium via a communication link (e.g., a modem and/or network connection).
Throughout this document, the term "user" may be interchangeably referred to as "viewer," "observer," "speaker," "person," "individual," "end user," and the like. It is noted that throughout this document, terms like "graphics domain" may be used interchangeably with "graphics processing unit," "graphics processor," or simply "GPU," and similarly, "CPU domain" or "host domain" may be used interchangeably with "computer processing unit," "application processor," or simply "CPU."
It is noted that terms such as "node," "computing node," "server device," "cloud computer," "cloud server computer," "machine," "host," "device," "computing device," "computer," "computing system," and the like may be used interchangeably in this document. It is further noted that terms like "application," "software application," "program," "software program," "package," "software package," and the like may be used interchangeably in this document. In addition, terms such as "job," "input," "request," "message," and the like may be used interchangeably in this document.
In various implementations, the computing device may be a laptop computer, a netbook, a notebook, an ultrabook, a smartphone, a tablet, a Personal Digital Assistant (PDA), an ultra mobile PC, a mobile phone, a desktop computer, a server, a set-top box, an entertainment control unit, a digital camera, a portable music player, or a digital video recorder. The computing device may be stationary, portable, or wearable. In further embodiments, the computing device may be any other electronic device that processes data or records data for processing elsewhere.
The figures and the foregoing description give examples of embodiments. Those skilled in the art will appreciate that one or more of the described elements may well be combined into a single functional element. Alternatively, certain elements may be divided into multiple functional elements. Elements from one embodiment may be added to another embodiment. For example, the order of processing described herein may be changed and is not limited to the manner described herein. Moreover, the actions of any flow diagram need not be performed in the order shown, nor need all of the actions be performed. Further, those actions that do not depend on other actions may be performed in parallel with them. The scope of embodiments is in no way limited by these specific examples. Variations, such as differences in structure, dimensions, and use of materials, are possible whether or not expressly set forth in the specification. The scope of the embodiments is at least as broad as given by the following claims.
For example, embodiments may be provided as a computer program product that may include a transitory or non-transitory machine-readable storage medium having stored thereon machine-executable instructions that, when executed by a device such as a computer, network of computers, or other electronic devices, may result in one or more machines performing operations in accordance with embodiments described herein. The machine-readable medium may include, but is not limited to, floppy diskettes, optical disks, CD-ROMs (compact disc-read only memories), and magneto-optical disks, ROMs, RAMs, EPROMs (erasable programmable read only memories), EEPROMs (electrically erasable programmable read only memories), magnetic or optical cards, flash memory, or other type of media/machine-readable medium suitable for storing machine-executable instructions.
Some embodiments pertain to example 1, which example 1 includes an apparatus to facilitate memory map security in a system on a chip (SOC) that includes a memory device, a plurality of agents configured to access the memory device, and a microcontroller to receive a request to authorize a host device to access the memory device, and to perform an alias checking process for each of the plurality of agents to verify an accuracy of a memory map of the memory device.
Example 2 includes the subject matter of example 1, wherein the microcontroller locks registers associated with the memory map.
Example 3 includes the subject matter of examples 1 and 2, further comprising basic input/output system (BIOS) firmware to program the memory map for the plurality of agents.
Example 4 includes the subject matter of examples 1-3, wherein the microcontroller further performs an authentication process to verify the integrity of the memory map.
Example 5 includes the subject matter of examples 1-4, wherein the microcontroller allows the host device to access the memory device after determining that the integrity has been verified.
Example 6 includes the subject matter of examples 1-5, wherein the microcontroller prevents the host device from accessing the memory device upon determining that the integrity has not been verified.
Example 7 includes the subject matter of examples 1-6, wherein the microcontroller prevents the host device from accessing the memory device via a hardware locking mechanism.
Example 8 includes the subject matter of examples 1-7, wherein the microcontroller issues the result of the authentication to the BIOS firmware.
Some embodiments pertain to example 9, which includes a method of facilitating memory map security in a system on a chip (SOC), the method comprising: receiving, at a microcontroller, a request from basic input/output system (BIOS) firmware to authorize a host device to access a memory device, the request being an access authorization request initiated by boot firmware; the microcontroller performing an alias checking process to verify an accuracy of a memory map of the memory device; and the microcontroller performing an authentication process to verify an integrity of the memory map.
Example 10 includes the subject matter of example 9, further comprising the microcontroller locking registers associated with the memory map.
Example 11 includes the subject matter of examples 9 and 10, further comprising the microcontroller allowing the host device to access the memory device upon determining that the integrity has been verified.
Example 12 includes the subject matter of examples 9-11, further comprising the microcontroller preventing the host device from accessing the memory device upon determining that the integrity has not been verified.
Example 13 includes the subject matter of examples 9-12, wherein the microcontroller prevents the host device from accessing the memory device via a hardware locking mechanism.
Example 14 includes the subject matter of examples 9-13, further comprising the microcontroller issuing the authentication result to the BIOS firmware.
Some embodiments pertain to example 15, which includes a computing device comprising: a processor; a memory device comprising a memory map; basic input/output system (BIOS) firmware that programs the memory map for a plurality of agents; a fabric interface coupled between the processor, the memory device, and the BIOS firmware; and a microcontroller coupled to the fabric interface that receives a request from the BIOS firmware to authorize the processor to access the memory device, the request being an access authorization request initiated by boot firmware, and performs an alias checking process to verify an accuracy of the memory map of the memory device.
Example 16 includes the subject matter of example 15, wherein the microcontroller further performs an authentication process to verify an integrity of the memory map.
Example 17 includes the subject matter of examples 15 and 16, wherein the microcontroller allows the processor to access the memory device upon determining that the integrity has been verified.
Example 18 includes the subject matter of examples 15-17, wherein the microcontroller prevents the processor from accessing the memory device upon determining that the integrity has not been verified.
Example 19 includes the subject matter of examples 15-18, wherein the microcontroller prevents the processor from accessing the memory device via a hardware locking mechanism.
Example 20 includes the subject matter of examples 15-19, further comprising a plurality of IP agents coupled to the fabric interface.
Example embodiments have been described above with reference to specific embodiments. However, it will be evident to those skilled in the art that various modifications and changes may be made thereto without departing from the broader spirit and scope as set forth in the appended claims. The foregoing description and drawings are, accordingly, to be regarded in an illustrative rather than a restrictive sense.

Claims (20)

1. An apparatus that facilitates memory mapping security in a system on a chip (SOC), comprising:
a microcontroller that receives a request to authorize a host device to access a memory device and performs an alias checking process to verify an accuracy of a memory map of the memory device.
2. The apparatus of claim 1, wherein the microcontroller locks registers associated with the memory map.
3. The apparatus of claim 2, further comprising basic input/output system (BIOS) firmware to program the memory map for a plurality of agents.
4. The apparatus of claim 3, wherein the microcontroller further performs an authentication process to verify the integrity of the memory map.
5. The apparatus of claim 4, wherein the microcontroller allows the host device to access the memory device upon determining that the integrity has been verified.
6. The apparatus of claim 5, wherein the microcontroller prevents the host device from accessing the memory device upon determining that the integrity has not been verified.
7. The apparatus of claim 6, wherein the microcontroller prevents the host device from accessing the memory device via a hardware locking mechanism.
8. The apparatus of claim 4, wherein the microcontroller issues a result of the authentication to the BIOS firmware.
9. A method of facilitating memory mapping security in a system on a chip (SOC), comprising:
receiving, at a microcontroller from basic input/output system (BIOS) firmware, a request to authorize a host device to access a memory device, the request being an access authorization request initiated by boot firmware;
the microcontroller performs an alias checking process to verify an accuracy of a memory map of the memory device; and
the microcontroller performs an authentication process to verify the integrity of the memory map.
10. The method of claim 9, further comprising the microcontroller locking registers associated with the memory map.
11. The method of claim 9, further comprising the microcontroller allowing the host device to access the memory device upon determining that the integrity has been verified.
12. The method of claim 11, further comprising the microcontroller preventing the host device from accessing the memory device upon determining that the integrity has not been verified.
13. The method of claim 12, wherein the microcontroller prevents the host device from accessing the memory device via a hardware locking mechanism.
14. The method of claim 11, further comprising the microcontroller issuing a result of authentication to the BIOS firmware.
15. A computing device, comprising:
a processor;
a memory device comprising a memory map;
basic input/output system (BIOS) firmware that programs the memory map for a plurality of agents;
a fabric interface coupled between the processor, the memory device, and the BIOS firmware; and
a microcontroller coupled to the fabric interface, the microcontroller receiving from the BIOS firmware a request to authorize access by the processor to the memory device, the request being an access authorization request initiated by boot firmware, and performing an alias checking process to verify an accuracy of the memory map of the memory device.
16. The computing device of claim 15, wherein the microcontroller further performs an authentication process to verify the integrity of the memory map.
17. The computing device of claim 16, wherein the microcontroller allows the processor to access the memory device upon determining that the integrity has been verified.
18. The computing device of claim 17, wherein the microcontroller prevents the processor from accessing the memory device upon determining that the integrity has not been verified.
19. The computing device of claim 17, wherein the microcontroller prevents the processor from accessing the memory device via a hardware locking mechanism.
20. The computing device of claim 15, further comprising a plurality of IP agents coupled to the fabric interface.
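The examples and claims above describe the same flow in prose only: BIOS programs each agent's window into the memory device, then asks a microcontroller to authorize host access; the microcontroller locks the map registers, runs an alias check (here modelled as: no two agents' windows may overlap, and no window may wrap the address space), authenticates the map against a reference digest, and opens the hardware access gate only when both pass, returning the result to BIOS. The C model below is an added illustration of that sequence and is not code from the patent or from Intel; the structures, the agent names, the function names and the use of 64-bit FNV-1a in place of a real MAC or signature are all assumptions for the example. A production microcontroller would read the real fabric base/limit registers and verify a cryptographic authenticator, not a plain hash.

```c
/* Added example, not from the patent: a model of the microcontroller-side
 * memory-map checks of Examples 1-20 / claims 1-20. Register layout, agent
 * names, function names and FNV-1a as the digest are assumptions; a real
 * design would verify a MAC or signature over the fabric registers. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_AGENTS 8

/* One agent's programmed window into the memory device (base/size registers). */
typedef struct { const char *name; uint64_t base; uint64_t size; } agent_map_t;

/* Microcontroller state: the map registers plus the lock and the access gate. */
typedef struct {
    agent_map_t agents[MAX_AGENTS];
    size_t      n_agents;
    uint64_t    expected_digest;     /* reference digest taken at provisioning */
    bool        regs_locked;         /* Example 2: map registers locked         */
    bool        host_access_allowed; /* Examples 5-7: hardware access gate      */
} memmap_ctrl_t;

typedef enum {
    MM_OK            = 0,
    MM_ERR_ALIAS     = 1, /* alias check failed: two agents' windows overlap */
    MM_ERR_INTEGRITY = 2, /* authentication failed: map digest mismatch      */
} mm_result_t;

/* Two windows alias if they overlap. A window that wraps past 2^64 is also
 * treated as aliasing: it would decode to addresses the map never intended. */
static bool windows_alias(uint64_t a_base, uint64_t a_size,
                          uint64_t b_base, uint64_t b_size)
{
    if (a_size == 0 || b_size == 0)
        return false;
    uint64_t a_end = a_base + a_size - 1; /* inclusive end */
    uint64_t b_end = b_base + b_size - 1;
    if (a_end < a_base || b_end < b_base)
        return true;
    return a_base <= b_end && b_base <= a_end;
}

/* Alias checking process (Example 1): every pair of agent windows is disjoint. */
mm_result_t alias_check(const memmap_ctrl_t *c)
{
    for (size_t i = 0; i < c->n_agents; i++)
        for (size_t j = i + 1; j < c->n_agents; j++)
            if (windows_alias(c->agents[i].base, c->agents[i].size,
                              c->agents[j].base, c->agents[j].size))
                return MM_ERR_ALIAS;
    return MM_OK;
}

/* Digest over the map registers. FNV-1a stands in for the MAC/signature. */
uint64_t memmap_digest(const memmap_ctrl_t *c)
{
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < c->n_agents; i++) {
        uint64_t words[2] = { c->agents[i].base, c->agents[i].size };
        const uint8_t *p = (const uint8_t *)words;
        for (size_t k = 0; k < sizeof words; k++) { h ^= p[k]; h *= 0x100000001b3ULL; }
    }
    return h;
}

/* Authentication process (Example 4): live registers must match the reference. */
mm_result_t integrity_check(const memmap_ctrl_t *c)
{
    return memmap_digest(c) == c->expected_digest ? MM_OK : MM_ERR_INTEGRITY;
}

/* Example 9 flow. Registers are locked before checking so BIOS cannot reprogram
 * the map between check and grant; the gate opens only on MM_OK; the result is
 * returned to BIOS (Example 8). */
mm_result_t authorize_host_access(memmap_ctrl_t *c)
{
    c->regs_locked = true;
    mm_result_t r = alias_check(c);
    if (r == MM_OK)
        r = integrity_check(c);
    c->host_access_allowed = (r == MM_OK);
    return r;
}

/* Constructed sample: three disjoint agent windows, digest taken at "provisioning". */
void sample_map(memmap_ctrl_t *c)
{
    memset(c, 0, sizeof *c);
    c->agents[0] = (agent_map_t){ "host",    0x00000000ULL, 0x10000000ULL };
    c->agents[1] = (agent_map_t){ "gpu",     0x20000000ULL, 0x10000000ULL };
    c->agents[2] = (agent_map_t){ "dma-eng", 0x40000000ULL, 0x08000000ULL };
    c->n_agents = 3;
    c->expected_digest = memmap_digest(c);
}

int main(void)
{
    memmap_ctrl_t c;
    sample_map(&c);
    printf("clean map:    result=%d access=%d\n", authorize_host_access(&c), c.host_access_allowed);
    c.agents[1].base = 0x21000000ULL; /* a window was moved after provisioning */
    printf("tampered map: result=%d access=%d\n", authorize_host_access(&c), c.host_access_allowed);
    return 0;
}
```

The ordering in authorize_host_access is the point worth keeping from the claims: the lock is taken before the check, the gate defaults to closed, and the BIOS only learns the verdict, it never decides it. The tampered case passes the alias check (the moved window still overlaps nothing) and is caught only by the authentication step, which is why the patent lists both checks rather than one.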
CN202011498360.0A 2020-03-27 2020-12-17 Memory mapping protection mechanism Pending CN113448886A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US16/832,125 US11429289B2 (en) 2020-03-27 2020-03-27 Memory map protection mechanism
US16/832,125 2020-03-27

Publications (1)

Publication Number Publication Date
CN113448886A (en) 2021-09-28

Family

ID=72335238

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011498360.0A Pending CN113448886A (en) 2020-03-27 2020-12-17 Memory mapping protection mechanism

Country Status (2)

Country Link
US (1) US11429289B2 (en)
CN (1) CN113448886A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11429289B2 (en) 2020-03-27 2022-08-30 Intel Corporation Memory map protection mechanism

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6343324B1 (en) * 1999-09-13 2002-01-29 International Business Machines Corporation Method and system for controlling access share storage devices in a network environment by configuring host-to-volume mapping data structures in the controller memory for granting and denying access to the devices
US7610611B2 (en) * 2003-09-19 2009-10-27 Moran Douglas R Prioritized address decoder
US9319380B2 (en) * 2014-03-20 2016-04-19 Bitdefender IPR Management Ltd. Below-OS security solution for distributed network endpoints
TWI502348B (en) * 2014-05-02 2015-10-01 Via Tech Inc System and method for managing expansion read-only memory and management host thereof
TWI546667B (en) * 2015-01-28 2016-08-21 群聯電子股份有限公司 Method for managing memory card, memory storage device and memory control circuit unit
US10360370B2 (en) * 2016-07-22 2019-07-23 Hewlett Packard Enterprise Development Lp Authenticated access to manageability hardware components
US11783064B2 (en) * 2017-07-10 2023-10-10 Intel Corporation Techniques to provide hardware enforced protection environment for a system management mode
US11251959B2 (en) * 2018-07-09 2022-02-15 Ares Technologies, Inc. Method of manufacturing a secure computing hardware apparatus
GB2578297B (en) * 2018-10-19 2021-07-14 Advanced Risc Mach Ltd Trusted intermediary realm
US10824573B1 (en) * 2019-04-19 2020-11-03 Micron Technology, Inc. Refresh and access modes for memory
US11005936B1 (en) * 2020-03-10 2021-05-11 Mediatek Inc. Security mechanism for multi-client access to a single storage device through a single controller
US11429289B2 (en) 2020-03-27 2022-08-30 Intel Corporation Memory map protection mechanism

Also Published As

Publication number Publication date
US11429289B2 (en) 2022-08-30
US20200285403A1 (en) 2020-09-10

Similar Documents

Publication Publication Date Title
US11928215B2 (en) Firmware verification mechanism
US11829483B2 (en) Platform security mechanism
CN113448886A (en) Memory mapping protection mechanism
US11983260B2 (en) Partitioned platform security mechanism
EP4195079A1 (en) Hardware integrity verification mechanism
US11886316B2 (en) Platform measurement collection mechanism
US20210110043A1 (en) Platform firmware boot mechanism
US20200226260A1 (en) Firmware resiliency mechanism
US20220004635A1 (en) Computing peripheral interface management mechanism
US11568048B2 (en) Firmware descriptor resiliency mechanism
US11429496B2 (en) Platform data resiliency mechanism
US11861009B2 (en) Mechanism to update attested firmware on a platform
US20220100906A1 (en) Software library integrity verification mechanism
US20220004398A1 (en) Integrated circuit package reconfiguration mechanism
US20220103557A1 (en) Mechanism for managing services to network endpoint devices
US20220103358A1 (en) Cloud key access mechanism
US20220092196A1 (en) Mechanism for secure library sharing

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination